CN119696781A - A physical layer security key distribution device and method in multi-core optical fiber communication - Google Patents
A physical layer security key distribution device and method in multi-core optical fiber communication Download PDFInfo
- Publication number
- CN119696781A CN119696781A CN202510004880.8A CN202510004880A CN119696781A CN 119696781 A CN119696781 A CN 119696781A CN 202510004880 A CN202510004880 A CN 202510004880A CN 119696781 A CN119696781 A CN 119696781A
- Authority
- CN
- China
- Prior art keywords
- signal
- output end
- optical fiber
- receiving module
- signal receiving
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Optical Communication System (AREA)
Abstract
本发明涉及光通信技术领域,公开了一种多芯光纤通信中的物理层安全密钥分发装置和方法,包括:公共源产生模块、多芯光纤链路传输模块、本地信号接收模块、异地信号接收模块和后处理模块,公共源产生模块用于产生多波长驱动信号,并将多波长驱动信号一分为二之后,分别传输给所述本地信号接收模块和多芯光纤链路传输模块;本地信号接收模块用于根据多波长驱动信号驱动产生第一序列和第一键控码;多芯光纤链路传输模块用于将多波长驱动信号传输给异地信号接收模块;异地信号接收模块用于根据多波长驱动信号驱动产生第二序列和第二键控码;键控码和第二键控码分别通过无线信道传输给异地信号接收模块和本地信号接收模块,后处理模块根据第一序列和第二序列获得用于加密的一致随机数。本发明能够实现高速密钥分发,而且在不增加系统复杂度和成本的条件下,提高了系统安全性。
The present invention relates to the field of optical communication technology, and discloses a physical layer security key distribution device and method in multi-core optical fiber communication, including: a common source generation module, a multi-core optical fiber link transmission module, a local signal receiving module, a remote signal receiving module and a post-processing module, wherein the common source generation module is used to generate a multi-wavelength driving signal, and after the multi-wavelength driving signal is divided into two, it is transmitted to the local signal receiving module and the multi-core optical fiber link transmission module respectively; the local signal receiving module is used to generate a first sequence and a first keying code according to the multi-wavelength driving signal drive; the multi-core optical fiber link transmission module is used to transmit the multi-wavelength driving signal to the remote signal receiving module; the remote signal receiving module is used to generate a second sequence and a second keying code according to the multi-wavelength driving signal drive; the keying code and the second keying code are transmitted to the remote signal receiving module and the local signal receiving module through a wireless channel respectively, and the post-processing module obtains a consistent random number for encryption according to the first sequence and the second sequence. The present invention can realize high-speed key distribution, and improves system security without increasing system complexity and cost.
Description
Technical Field
The present invention relates to the field of optical communications technologies, and in particular, to a physical layer security key distribution device and method in multi-core optical fiber communications.
Background
Optical fiber communication has become a key technology for modern data transmission due to the superior characteristics of high bandwidth, low signal attenuation, long-distance transmission and the like, and broadband communication has entered the era of gigabit access networks and 100G backbone networks. However, the transmission capacity of the single-mode fiber reaches the theoretical upper limit at present, the multi-core fiber has been gradually applied to broadband communication due to the advantages of high-capacity transmission and low crosstalk obtained by space division multiplexing, the multi-core fiber is laid in the actual link at present to reach the hundred kilometers level, the multi-core fiber is gradually developed to the thousand kilometers level, and the application of the multi-core fiber is a necessary development trend. With the increasing reliance on fiber optic networks for information transmission, fiber optic communication systems face increasingly stringent security challenges. Ensuring confidentiality, integrity, and availability of data transmitted over optical fibers has become one of the core problems in current optical fiber communication system designs. Among them, the security problem of single-mode fiber communication is mainly manifested in the risk of eavesdropping on the signal. Although single-mode optical fibers have a certain security physically, their signal transmission is not easy to be monitored directly, but the optical signals can be extracted by complex technical means without interrupting the transmission. Such eavesdropping may result in unauthorized access, threatening the security of sensitive information. The known bending eavesdropping is interfered by the information of the outer core, so that the sensitive information of the middle core is difficult to directly extract, and the traditional eavesdropping means is disabled. But in order to prevent unknown eavesdropping means it is also a potential risk of needing to encrypt it to prevent leakage. Thus, ensuring the distribution of encryption and security keys becomes a key element in the construction of secure communication systems.
In order to cope with the existing large-scale multi-core optical fiber networks and the potential eavesdropping risks, a mechanism capable of timely encrypting sensitive information in the process of high-speed information communication is needed. This is a process embodying secure key distribution compatible with optical fibre communications, in that the key distribution system needs to be compatible with the optical fibre transmission link, and in that the key distribution process can be concurrent with the communications.
The key distribution method based on the algorithm has the risk of being cracked due to the great increase of the current computer performance, so that the key generation method through the physical layer is widely studied. The quantum key distribution is difficult to acquire information by an eavesdropper due to the characteristic that single quantum is not reproducible, but the quantum key distribution single quantum is incompatible with the existing optical fiber communication system because a special quantum channel is required for transmission, and meanwhile, the problem of speed bottleneck exists. In classical physical layer key distribution, physical unclonable devices have the problem of limited key length, and channel reciprocity-based transmission distance is limited, so that the two modes are difficult to meet the current high-speed information communication. The key generation based on the chaotic laser has the advantages of high speed, high complexity, long transmission distance and the like. In addition, the optical signal generated by the chaotic laser can also be applied to optical fiber transmission, and is a potential scheme.
The chaotic lasers are used as a physical entropy source to generate high-speed random numbers due to the wide frequency spectrum and the large-amplitude random fluctuation characteristics, and in addition, the two chaotic lasers can realize chaotic synchronization under the condition of structure and parameter matching, and highly relevant chaotic waveforms are generated and can be used for key distribution. The key distribution based on the chaotic laser correlation is that legal users use a synchronous chaotic laser or a broadband noise source as a related signal source and modulate the related signal source by using independent random signals, and finally the chaotic time sequence under the same modulation state is selected to extract a consistent key.
At present, a synchronous chaotic laser is used as a related signal source, the principle is that a common source is used for generating chaotic light through a phase modulation or dispersion feedback mode, and then two response lasers are injected for controlling the state of chaotic signals through keying, and key extraction is carried out under the condition of consistency. As in the prior art (CN 109672533 a), a high-speed key distribution device based on chaotic synchronization of semiconductor lasers is provided, by controlling the feedback intensity and the polarization state, two linear polarization modes of the device can output chaotic signals, a random bit generator is used to key the polarization state, and when the polarization states of the two response lasers corresponding to the feedback light are consistent, the two lasers can obtain chaotic signals with better synchronization performance. Chaotic light injection feedback-free distributed feedback laser reported in literature (Optics Express, vol.30, pp. 23953-23966, 2022) carries out phase modulation and delay shift keying on output chaotic self-carrier waves, and the key distribution rate can reach 2.1 Gbit/s although the transmission distance is only 40 km. Chaotic light generated by mirror feedback reported in literature (Optics Express, vol 28, pp. 37919-37935, 2020) is injected into a response laser with dispersion shift keying, and high-speed physical key distribution of 1.2 Gb/s is realized in simulation. The technical route is that a single-wavelength analog signal is used as a driving source and is transmitted in a single-mode fiber, however, the national land cable and sea cable have been developed in thousands of kilometers, and the chaotic signal is used as the analog signal and is inevitably interfered by channel damage in the transmission process, so that the compatibility is further affected, and meanwhile, the transmission capacity and the safety of the multi-core fiber are not good due to the fact that the chaotic signal is transmitted in the single-mode fiber.
The principle of the method is that a broadband noise source is used as a related signal source, and the state of a chaotic signal is controlled by using a broadband noise light injection chaotic laser, such as a prior art (CN 112653545A), a key distribution system based on distributed feedback laser injection optical power keying is provided, the broadband noise light source is used for outputting a broadband noise light signal, the optical power is keyed by a power adjustable laser module, and the lasers can be synchronized only under the same power modulation. At present, two response lasers are injected with continuous light modulated by phase noise to realize chaotic synchronization reported in literature (PHYSICAL REVIEW L, vol.108, 070602, 2012), and the key distribution rate of 120 km and 128 kbit/s is realized. The distributed feedback laser which uses broadband noise light generated by super light emitting diodes and filters the broadband noise light and then injects response to enable the broadband noise light to be chaotic synchronous and uses a special random sequence modulation mode to realize key generation of 2.55 Gbit/s is reported in literature (Optics Express, vol.31, pp. 42838-42849, 2023). However, since the broadband noise signal is still an analog signal, the transmission medium is still limited to a single mode fiber, and there are problems that the transmission distance is limited to hundred kilometers and compatibility with the communication process is difficult.
The scheme based on the chaotic laser adopts analog signals for transmission, the damage to channels in the optical fiber cable such as thousands of kilometers can be serious in the long-distance transmission process, and a plurality of hardware devices are needed to be relayed to compensate the damage of channel dispersion, nonlinearity and the like, so that the cost is greatly increased, the communication system is difficult to be compatible, meanwhile, the channel capacity can be sacrificed when the analog signals are used for transmission, in addition, the capacity is limited when the chaotic laser is transmitted in a single-mode fiber, and the safety is still a potential threat.
Disclosure of Invention
The primary object of the present invention is to overcome the problems of the prior art, and to provide a physical layer security key distribution device in multi-core optical fiber communication, the invention can realize high-speed key distribution, and improves the system safety under the condition of not increasing the complexity and the cost of the system.
As another object of the present invention, a method is provided which is adapted thereto also based on the device of the preceding object.
As a further object of the invention a non-volatile storage medium is provided which is adapted to store a computer program implemented according to the method.
In order to achieve the primary purpose of the invention, the invention provides a physical layer security key distribution device in multi-core optical fiber communication, which comprises a public source generation module, a multi-core optical fiber link transmission module, a local signal receiving module, a remote signal receiving module and a post-processing module, wherein a first signal output end of the public source generation module is connected with a signal input end of the local signal receiving module, a second signal output end of the public source generation module is connected with a signal input end of the multi-core optical fiber link transmission module, a signal output end of the multi-core optical fiber link transmission module is connected with a signal input end of the remote signal receiving module, a signal output end of the local signal receiving module and a signal output end of the remote signal receiving module are both connected with the post-processing module,
The public source generation module is used for generating a multi-wavelength driving signal, dividing the multi-wavelength driving signal into two parts, transmitting the multi-wavelength driving signal to the local signal receiving module and the multi-core optical fiber link transmission module through a first signal output end and a second signal output end respectively, wherein the local signal receiving module is used for generating a first sequence and a first key code according to the multi-wavelength driving signal, the multi-core optical fiber link transmission module is used for transmitting the multi-wavelength driving signal to the remote signal receiving module, the remote signal receiving module is used for generating a second sequence and a second key code according to the multi-wavelength driving signal, the first key code and the second key code are transmitted to the remote signal receiving module and the local signal receiving module through wireless channels respectively, the post-processing module is used for carrying out sampling quantization on the first sequence and the second sequence to obtain two groups of random numbers, and then discarding inconsistent parts in the two groups of random numbers according to the exchanged key codes, and the first key code and the second key code are used for obtaining consistent random numbers.
Further, the public source generating module comprises a first long-cavity Fabry-Perot laser, an intensity modulator, a first arbitrary waveform generator, a first gain adjustable electric amplifier, a first erbium-doped fiber amplifier, a fiber grating and an optical coupler,
The output end of the first long-cavity Fabry-Perot laser is connected with the optical input end of the intensity modulator, the output end of the first arbitrary waveform generator is connected with the input end of the first gain adjustable electric amplifier, the output end of the first gain adjustable electric amplifier is connected with the electric input end of the first intensity modulator, the optical output end of the first intensity modulator is connected with the input end of the first erbium-doped fiber amplifier, the output end of the first erbium-doped fiber amplifier is connected with the input end of the fiber grating, the output end of the fiber grating is connected with the input end of the optical coupler, the first signal output end of the optical coupler is connected with the signal input end of the local signal receiving module, and the second signal output end of the optical coupler is connected with the signal input end of the multi-core fiber link transmission module.
Further, the multi-core optical fiber link transmission module comprises a first fan-in fan-out device, a seven-core optical fiber, a second fan-in fan-out device, a communication signal transmitter and a communication signal receiver,
The second signal output end of the optical coupler in the common source generating module is connected with the fourth input end of the first fan-in fan-out device in the multi-core optical fiber link transmission module, the fourth output end of the first fan-in fan-out device is connected with the middle core input end of the seven-core optical fiber, the middle core output end of the seven-core optical fiber is connected with the fourth input end of the second fan-in fan-out device, the fourth output end of the second fan-in fan-out device is connected with the signal input end of the remote signal receiving module, the output end of the communication signal transmitter is connected with the first input end of the first fan-in fan-out device, and the first output end of the second fan-in fan-out device is connected with the communication signal receiver.
Further, the local signal receiving module comprises a first programmable optical filter, a first polarization controller, a first Mach-Zehnder interferometer, a second arbitrary waveform generator, a second gain adjustable electrical amplifier, a second long cavity Fabry-Perot laser, a first photodetector,
The first signal output end of the optical coupler in the common source generating module is connected with the input end of the first programmable optical filter in the local signal receiving module, the output end of the first programmable optical filter is connected with the input end of the first polarization controller, the output end of the first polarization controller is connected with the optical input end of the first Mach-Zehnder interferometer, the output end of the second arbitrary waveform generator is connected with the input end of the second gain adjustable electric amplifier, the output end of the second arbitrary waveform generator is also required to be sent to the remote signal receiving module through a wireless channel, the output end of the second gain adjustable electric amplifier is connected with the electrical input end of the first Mach-Zehnder interferometer, the optical output end of the first Mach-Zehnder interferometer is connected with the input end of the second long cavity Fabry-Perot laser, the output end of the second long cavity Fabry-Perot laser is connected with the optical detector, and the output end of the first gain adjustable electric amplifier is connected with the input end of the first detector.
Further, the output of the second arbitrary waveform generator is random, the phase output of the first Mach-Zehnder interferometer changes along with the change of the input signal voltage of the second arbitrary waveform generator, and the state of the second long-cavity Fabry-Perot laser changes along with the change of the phase output of the first Mach-Zehnder interferometer.
Further, the off-site signal receiving module comprises a dispersion compensating optical fiber, a second programmable optical filter, a second polarization controller, a second Mach-Zehnder interferometer, a third arbitrary waveform generator, a third gain adjustable electric amplifier, a third long cavity Fabry-Perot laser, a second photoelectric detector,
The output end of the third arbitrary waveform generator is connected with the input end of the third gain adjustable electric amplifier, the output end of the third gain adjustable electric amplifier is connected with the electric input end of the second Mach-Zehnder interferometer, the optical output end of the second Mach-Zehnder interferometer is connected with the optical input end of the third long cavity Fabry-Perot interferometer, the output end of the third arbitrary waveform generator is connected with the input end of the third gain adjustable electric amplifier, the output end of the third arbitrary waveform generator is further transmitted to the local signal receiving end through a wireless channel, the output end of the third gain adjustable electric amplifier is connected with the electric input end of the second Mach-Zehnder interferometer, the optical output end of the second Mach-Zehnder interferometer is connected with the input end of the third long cavity Fabry-Perot interferometer, and the output end of the third random waveform generator is connected with the output end of the second laser.
Further, the output of the third arbitrary waveform generator is random, the phase output of the second mach-zehnder interferometer varies with the variation of the input signal voltage of the third arbitrary waveform generator, and the state of the third long-cavity fabry-perot laser varies with the variation of the phase output of the second mach-zehnder interferometer.
In order to achieve another object of the present invention, there is also provided a physical layer security key distribution method in multi-core optical fiber communication, the method being based on the physical layer security key distribution apparatus in multi-core optical fiber communication, comprising the steps of:
The public source generation module generates a multi-wavelength driving signal, divides the multi-wavelength driving signal into two parts to obtain a first signal and a second signal, and transmits the first signal and the second signal to the local signal receiving module and the multi-core optical fiber link transmission module through a first signal output end and a second signal output end respectively, wherein the multi-core optical fiber link transmission module transmits the second signal to the remote signal receiving module;
The local signal receiving module and the remote signal receiving module respectively select signals with the same wavelength from the first signal and the second signal, and generate a first sequence and a first key code, a second sequence and a second key code according to the selected signals, wherein the first key code and the second key code are respectively transmitted to the remote signal receiving module and the local signal receiving module through wireless channels;
And the post-processing module samples and quantifies the first sequence and the second sequence to obtain two groups of random numbers, then truncates inconsistent parts in the two groups of random numbers according to the exchanged key codes, and reserves consistent keys to obtain consistent random numbers for encryption.
Further, the same wavelength is atAnd (3) inner part.
In order to achieve still another object of the present invention, there is also provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the physical layer security key distribution method in multicore fiber communication.
Compared with the prior art, the invention has the beneficial effects that:
The invention uses digital signals as public sources to drive two-place lasers, wherein the public sources use long-cavity Fabry-Perot lasers to simulate the generation of multi-wavelength digital signals, then the scrambling effect of fiber gratings is used to improve the randomness and bandwidth of the signals, after the negotiation wavelength is selected, the two parties of secret communication can use a programmable optical filter to filter the multi-wavelength digital signals so as to select the corresponding wavelength, the combination of the wavelengths satisfies the characteristic of basically uncorrelated between different wavelengths because of permutation and combination, under the condition of having enough wavelengths, the public sources can have extremely large key space, and simultaneously, after the consistent wavelengths are selected, the state of the lasers is also needed to be randomly keyed, the consistent signals can be output for key extraction only when the two lasers output the same state, and the two ways of cascade modulation are also provided with key space because of the phase change, the security of the system is obviously improved, the intermediate core is used for key generation, the outer core is used for communication, the eavesdropper is difficult to hear the information of the intermediate core because of the physical mechanism of the optical fiber, the public source can be used as a complex communication system, and the transmission system can be realized, and the complexity of the public source can be reduced.
Drawings
Fig. 1 is a block diagram of a physical layer security key distribution device in multi-core optical fiber communication according to embodiment 1 of the present invention;
FIG. 2 is a spectrum of a common source signal according to embodiment 1 of the present invention;
FIG. 3 is a timing chart of the digital signals included in each wavelength of embodiment 1 of the present invention;
FIG. 4 is a timing diagram of the scrambled digital signal according to embodiment 1 of the present invention;
FIG. 5 is a timing chart of a partial synchronous output signal intercepted by a response laser according to embodiment 1 of the present invention, wherein Alice and Bob are both communication parties;
FIG. 6 is a 15 item Nist random number test overview of embodiment 1 of the present invention;
fig. 7 is a flowchart of a physical layer security key distribution method in multi-core optical fiber communication according to embodiment 2 of the present invention.
Reference numerals illustrate:
1. Public source generating module, 101, first long cavity Fabry-Perot laser, 102, intensity modulator, 104, first arbitrary waveform generator, 103, first gain adjustable electric amplifier, 105, first erbium doped optical fiber amplifier, 106, fiber grating, 107, optical coupler, 2, multi-core fiber link transmission module, 201, first fan-in fan-out device, 202, seven-core fiber, 203, second fan-in fan-out device, 204, communication signal transmitter, 205, communication signal receiver, 3, local signal receiving module, 301, first programmable optical filter, 302, first polarization controller, 303, first Mach-Zehnder interferometer, 305, second arbitrary waveform generator, 304, second gain adjustable electric amplifier, 307, second long cavity Fabry-Perot laser, 306, first photoelectric detector, 4, different place signal receiving module, 401, dispersion compensating fiber, 402, second programmable optical filter, 403, second controller, second polarization controller, second interferometer, 406, third random Mach-Zehnder interferometer, 501, third gain adjustable electric amplifier, 408, third random Mach-Zehnder optical amplifier, third random wave generator, second random gain adjustable electric amplifier, 307, second random Mach-Zehnder laser
Detailed Description
The following describes in further detail the embodiments of the present invention with reference to the drawings and examples. The following examples are illustrative of the invention and are not intended to limit the scope of the invention.
In the description of the present invention, it should be noted that the terms "center", "longitudinal", "lateral", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, merely to facilitate description of the present invention and simplify the description, and do not indicate or imply that the apparatus or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and therefore should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, unless explicitly stated or limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected, mechanically connected, electrically connected, directly connected, indirectly connected via an intervening medium, or in communication between two elements. The specific meaning of the above terms in the present invention will be understood in specific cases by those of ordinary skill in the art.
Furthermore, in the description of the present invention, unless otherwise indicated, the meaning of "a plurality" is two or more.
Example 1
As shown in fig. 1, a physical layer security key distribution device in multi-core optical fiber communication according to a preferred embodiment of the present invention includes a common source generating module 1, a multi-core optical fiber link transmission module 2, a local signal receiving module 3, a remote signal receiving module 4 and a post-processing module 501, wherein a first signal output end of the common source generating module 1 is connected with a signal input end of the local signal receiving module 3, a second signal output end of the common source generating module 1 is connected with a signal input end of the multi-core optical fiber link transmission module 2, a signal output end of the multi-core optical fiber link transmission module 2 is connected with a signal input end of the remote signal receiving module 4, a signal output end of the local signal receiving module 3 and a signal output end of the remote signal receiving module 4 are both connected with the post-processing module 501,
The public source generation module 1 is used for generating a multi-wavelength driving signal, dividing the multi-wavelength driving signal into two parts, then transmitting the multi-wavelength driving signal to the local signal receiving module 3 and the multi-core optical fiber link transmission module 2 through a first signal output end and a second signal output end respectively, the local signal receiving module 3 is used for generating a first sequence and a first key code according to the multi-wavelength driving signal, the multi-core optical fiber link transmission module 2 is used for transmitting the multi-wavelength driving signal to the remote signal receiving module 4, the remote signal receiving module 4 is used for generating a second sequence and a second key code according to the multi-wavelength driving signal, the first key code and the second key code are transmitted to the remote signal receiving module 4 and the local signal receiving module 3 through wireless channels respectively, the post-processing module 501 is used for carrying out sampling on the first sequence and the second sequence to obtain two groups of random numbers, and then removing the non-uniform random numbers in the two groups of random numbers according to the exchanged key codes, and the random numbers are reserved for obtaining the encryption keys.
Further, in the common source generating module 1, the first long-cavity fabry-perot laser 101 is used as a multi-wavelength optical carrier to input an optical signal into the intensity modulator 102, the output signal of the first arbitrary waveform generator 104 may be an NRZ signal, a higher-order QPSK or PAM4 signal, or the like, and the intensity of the electrical signal is amplified by the first gain-adjustable amplifier 103 and then injected into the intensity modulator 102 to simulate a multi-wavelength communication signal, fig. 2 is a spectrum of the common source signal, and fig. 3 is a digital signal timing included in each wavelength.
As shown in fig. 1, the modulated digital signal is injected into the first erbium-doped fiber amplifier 105 to adjust the signal strength, and then is injected into the fiber grating 106 to scramble the signal to improve the randomness and bandwidth thereof, fig. 4 is a timing sequence of the scrambled digital signal, the scrambled signal is injected into the optical coupler 107, then an output end of the optical coupler 107 is injected into the first programmable optical filter 301 in the local signal receiving module to keep the signal local, and two output ends of the optical coupler 107 are injected into the fourth input end of the first fan-in fan-out 201 in the multi-core fiber link transmission module to be sent to a different place.
As shown in fig. 1, in the multi-core optical fiber link transmission module 2, two output ends of the optical coupler 107 are injected into a fourth input end of a first fan-in fan-out device 201 in the multi-core link transmission module, signals enter a middle core of a seven-core optical fiber 202 to start transmission, after the signals are transmitted to a different place end, the signals enter the fourth input end of a second fan-in fan-out device 203 from the middle core of the seven-core optical fiber 202 to be received by the different place end, meanwhile, a communication signal generated by the communication signal transmitter 204 enters an outer core of the seven-core optical fiber 202 through an input end of the fan-in fan-out device to be transmitted, and after the outer core is output, a receiving end receives the communication signal by using the communication signal receiver 205, so that normal communication between users in a key distribution process is simulated, normal communication is performed between the two communication parties in the outer core, and the inner core is used for transmitting a common digital signal source for controlling a response laser in the key distribution system to synchronize, and parallelism with the key distribution system in the process of communication can be realized.
As shown in fig. 1, in the local signal receiving module 3, a signal is first injected into the local signal receiving module from an output end of the optical coupler 107, a first programmable optical filter 301 selects a wavelength of the signal, then the signal after the wavelength selection is injected into a first polarization controller 302 for controlling the signal to be injected into a laser as linear polarization, then the signal is injected into a first mach-zehnder interferometer 303, since a phase change of the first mach-zehnder interferometer 303 is regulated by a second arbitrary waveform generator 305, the second arbitrary waveform generator 305 outputs a random NRZ signal, the first mach-zehnder interferometer 303 outputs signals with different phases according to a signal voltage change of the second arbitrary waveform generator 305, wherein a key code generated by the second arbitrary waveform generator 305 is transmitted to a different place end through a wireless channel, and then the signal with a controlled phase is injected into the second long cavity fabry-perot laser 307.
Specifically, since the lasers are sensitive to phase, the different phases of the injected signals will cause different outputs of the lasers, and finally, the output of the second long-cavity fabry-perot laser 307 is injected into the first photodetector 306 to convert the signals into electrical signals, and then the electrical signals enter the post-processing module 501 for sampling and quantization.
As shown in fig. 1, in the off-site signal receiving module 4, first, a signal is connected from the fourth output end of the second fan-in fanout 203 in the multi-core optical fiber link transmission module to the dispersion compensating optical fiber 401 in the off-site signal receiving module to compensate the dispersion of the seven-core optical fiber, then the signal is connected to the second programmable optical filter 402 to select the wavelength of the signal, where the wavelength consistent with the local end needs to be selected, and if the wavelength is inconsistent, the signals of the two signals are uncorrelated.
As shown in fig. 1, the wavelength-selected signal is injected into the second polarization controller 403 to control the signal to be injected into the laser as a linear polarized light, and then the signal is injected into the second mach-zehnder interferometer 404, because the phase change of the second mach-zehnder interferometer 404 is regulated by the third arbitrary waveform generator 406, the third arbitrary waveform generator 406 outputs a random NRZ signal, the second mach-zehnder interferometer 404 outputs a signal with a different phase according to the signal voltage change of the third arbitrary waveform generator 406, where the output signal of the third arbitrary waveform generator 406 may be inconsistent with the output signal of the second arbitrary waveform generator 305, because the off-site terminal sends the key code to the local terminal through the wireless channel, so as to realize the exchange of the key code in the wireless channel.
Specifically, the controlled phase signal is injected into the third long cavity fabry-perot laser 408, the two lasers will output synchronous signals under the same phase injection, the two lasers will not be synchronous under different phase injection, finally, the output of the third long cavity fabry-perot laser 408 is injected into the second photo detector 407 to convert the optical signal into an electrical signal, fig. 5 is a partial synchronous output signal timing diagram intercepted by the response laser, alice and Bob are both communication parties, then enter the post-processing module 501 to sample and quantize, the local and the different places will pass through the exchanged key codes, the random numbers generated when the same key codes are selected, the random numbers at different times are truncated, finally, both communication parties will obtain a consistent key for encryption, meanwhile, the acquired 10 Mbit signal is quantized and kept for the same key part, and finally, under the condition that the error rate is lower than the hard decision threshold 3.8e-3, the key rate is not limited by a device, the high-speed generation of Gbit/s can be achieved, and fig. 6 is that the random key number Nist is required to pass through the profile Nist-0.01.
According to the high-speed physical layer key distribution method and system compatible with the optical fiber communication system, provided by the invention, the two communication parties carry out wavelength selection on a public multi-wavelength digital signal source, then the state of a laser is keyed through a Mach-Zehnder interferometer, and because of the multi-wavelength characteristic of a long-cavity Fabry-Perot laser and a large key space with phase change, an eavesdropper is difficult to crack parameters for guaranteeing safety, and furthermore, the transmission is carried out on the intermediate core of a seven-core optical fiber, an additional physical layer protection can be applied, finally, the two communication parties output consistent signals through a synchronous laser to extract consistent keys, and the signals are encrypted and transmitted in the outer core of the seven-core optical fiber, so that a safe secret communication process of the system is realized.
Example 2
As shown in fig. 7, a physical layer security key distribution method in multi-core optical fiber communication according to an embodiment of the present invention includes:
The method comprises the steps that S1, a public source generating module generates a multi-wavelength driving signal, the multi-wavelength driving signal is divided into two parts, a first signal and a second signal are obtained, the first signal and the second signal are respectively transmitted to a local signal receiving module and a multi-core optical fiber link transmission module through a first signal output end and a second signal output end, and the multi-core optical fiber link transmission module transmits the second signal to a remote signal receiving module;
s2, the local signal receiving module and the remote signal receiving module respectively select signals with the same wavelength from the first signal and the second signal, wherein the same wavelength is in the following range Generating a first sequence, a first key code, a second sequence and a second key code according to the selected signals, wherein the first key code and the second key code are respectively transmitted to the remote signal receiving module and the local signal receiving module through wireless channels;
And S3, the post-processing module carries out sampling quantization on the first sequence and the second sequence to obtain two groups of random numbers, then, according to the exchanged key code, the inconsistent parts in the two groups of random numbers are truncated, and a consistent key is reserved to obtain the consistent random numbers for encryption.
The method of this embodiment is based on the apparatus of embodiment 1, and therefore, the options set forth in embodiment 1 are applicable to this embodiment, and are not described here again.
Example 3
The embodiment of the invention also provides a computer readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the physical layer security key distribution method in multi-core optical fiber communication is realized.
In summary, the embodiment of the invention provides a physical layer security key distribution device, a physical layer security key distribution method and a storage medium in multi-core optical fiber communication, which drive lasers at two places by using digital signals as public sources, wherein the public sources simulate the generation of multi-wavelength digital signals by using a long-cavity Fabry-Perot laser, the randomness and the bandwidth of the signals are improved by the scrambling effect of an optical fiber grating, two parties of secret communication can filter the multi-wavelength digital signals by using a programmable optical filter after the selection of negotiation wavelengths so as to select corresponding wavelengths, the combination of the wavelengths meets the characteristic that the arrangement combination is basically irrelevant among different wavelengths, the two parties can have extremely large key space under the condition of selecting uniform wavelengths, and simultaneously, the state of the lasers is also needed to be keyed by random keying after the selection of the uniform wavelengths, the two lasers can output the uniform signals to carry out key extraction only when the two lasers output the same state, the key space is also provided due to the phase change, the cascade modulation is improved, the security of the system is remarkably improved, the intermediate core is used for generating the multi-wavelength digital signals, the communication system is difficult to realize the combination of the communication system with the different wavelengths, and the communication system is difficult to realize due to the fact that the communication system is used for the communication key source is used for the fact that the communication is in combination with different wavelengths.
The foregoing is merely a preferred embodiment of the present invention, and it should be noted that modifications and substitutions can be made by those skilled in the art without departing from the technical principles of the present invention, and these modifications and substitutions should also be considered as being within the scope of the present invention.
Claims (10)
1. A physical layer security key distribution device in multi-core optical fiber communication is characterized by comprising a public source generation module (1), a multi-core optical fiber link transmission module (2), a local signal receiving module (3), a remote signal receiving module (4) and a post-processing module (501), wherein a first signal output end of the public source generation module (1) is connected with a signal input end of the local signal receiving module (3), a second signal output end of the public source generation module (1) is connected with a signal input end of the multi-core optical fiber link transmission module (2), a signal output end of the multi-core optical fiber link transmission module (2) is connected with a signal input end of the remote signal receiving module (4), a signal output end of the local signal receiving module (3) and a signal output end of the remote signal receiving module (4) are connected with the post-processing module (501),
The public source generation module (1) is used for generating a multi-wavelength driving signal, dividing the multi-wavelength driving signal into two parts, then transmitting the multi-wavelength driving signal to the local signal receiving module (3) and the multi-core optical fiber link transmission module (2) through a first signal output end and a second signal output end respectively, the local signal receiving module (3) is used for generating a first sequence and a first key code according to the multi-wavelength driving signal driving, the multi-core optical fiber link transmission module (2) is used for transmitting the multi-wavelength driving signal to the off-site signal receiving module (4), the off-site signal receiving module (4) is used for generating a second sequence and a second key code according to the multi-wavelength driving signal driving, the first key code and the second key code are respectively transmitted to the off-site signal receiving module (4) and the local signal receiving module (3) through wireless channels, the post-processing module (501) is used for quantizing the first sequence and the second sequence according to the multi-wavelength driving signal, then obtaining two groups of random key codes according to the random numbers, and the two groups of random key codes are reserved for obtaining random numbers in the two groups of random key codes.
2. The physical layer security key distribution device in multi-core optical fiber communication according to claim 1, wherein the common source generation module (1) comprises a first long cavity fabry-perot laser (101), an intensity modulator (102), a first arbitrary waveform generator (104), a first gain-adjustable electrical amplifier (103), a first erbium-doped fiber amplifier (105), a fiber grating (106) and an optical coupler (107),
The output end of the first long-cavity Fabry-Perot laser (101) is connected with the optical input end of the intensity modulator (102), the output end of the first arbitrary waveform generator (104) is connected with the input end of the first gain adjustable electric amplifier (103), the output end of the first gain adjustable electric amplifier (103) is connected with the electrical input end of the first intensity modulator (102), the optical output end of the first intensity modulator (102) is connected with the input end of the first erbium-doped optical fiber amplifier (105), the output end of the first erbium-doped optical fiber amplifier (105) is connected with the input end of the optical fiber grating (106), the output end of the optical fiber grating (106) is connected with the input end of the optical coupler (107), the first signal output end of the optical coupler (107) is connected with the signal input end of the local signal receiving module (3), and the second signal output end of the optical coupler (107) is connected with the signal input end of the multi-core link (2).
3. The physical layer security key distribution device in multi-core optical fiber communication according to claim 2, wherein the multi-core optical fiber link transmission module (2) comprises a first fan-in fan-out unit (201), a seven-core optical fiber (202), a second fan-in fan-out unit (203), a communication signal transmitter (204) and a communication signal receiver (205),
The second signal output end of the optical coupler (107) in the public source generation module (1) is connected with the fourth input end of a first fan-in fan-out device (201) in the multi-core optical fiber link transmission module (2), the fourth output end of the first fan-in fan-out device (201) is connected with the input end of a seven-core optical fiber middle core (202), the output end of the seven-core optical fiber middle core (202) is connected with the fourth input end of a second fan-in fan-out device (203), the fourth output end of the second fan-in fan-out device (203) is connected with the signal input end of a remote signal receiving module (4), the output end of the communication signal transmitter (204) is connected with the first input end of the first fan-in fan-out device (201), and the first output end of the second fan-in fan-out device (203) is connected with the communication signal receiver (205).
4. The physical layer security key distribution device in multi-core optical fiber communication according to claim 2, wherein the local signal receiving module (3) comprises a first programmable optical filter (301), a first polarization controller (302), a first Mach-Zehnder interferometer (303), a second arbitrary waveform generator (305), a second gain-tunable electrical amplifier (304), a second long-cavity Fabry-Perot laser (307), a first photodetector (306),
The first signal output end of the optical coupler (107) in the public source generating module (1) is connected with the input end of the first programmable optical filter (301) in the local signal receiving module (3), the output end of the first programmable optical filter (301) is connected with the input end of the first polarization controller (302), the output end of the first polarization controller (302) is connected with the optical input end of the first Mach-Zehnder interferometer (303), the output end of the second arbitrary waveform generator (305) is connected with the input end of the second gain adjustable electrical amplifier (304), the output end of the second arbitrary waveform generator (305) is also required to be sent to the off-site signal receiving module (4) through a wireless channel, the output end of the second gain adjustable electrical amplifier (304) is connected with the electrical input end of the first Mach-Zehnder interferometer (303), the output end of the first Mach-Zehnder interferometer (303) is connected with the optical input end of the second Fabry-Perot interferometer (307), and the output end of the first Fabry-Perot interferometer (307) is connected with the optical input end of the first laser cavity (306).
5. The physical layer security key distribution device in multi-core optical fiber communication according to claim 4, wherein the output of the second arbitrary waveform generator (305) is random, the phase output of the first mach-zehnder interferometer (303) varies with the variation of the input signal voltage of the second arbitrary waveform generator (305), and the state of the second long-cavity fabry-perot laser (307) varies with the variation of the phase output of the first mach-zehnder interferometer (303).
6. The physical layer security key distribution device in multi-core optical fiber communication according to claim 3, wherein the off-site signal receiving module (4) comprises a dispersion compensating optical fiber (401), a second programmable optical filter (402), a second polarization controller (403), a second Mach-Zehnder interferometer (404), a third arbitrary waveform generator (406), a third gain-tunable electric amplifier (405), a third long-cavity fabry-perot laser (408), a second photodetector (407),
A fourth output end of a second fan-in fan-out device (203) in the multi-core optical fiber link transmission module (2) is connected with an input end of a dispersion compensation optical fiber (401) in the off-site signal receiving module, an output end of the dispersion compensation optical fiber (401) is connected with an input end of the second programmable optical filter (402), an output end of the second programmable optical filter (402) is connected with an input end of the second polarization controller (403), an output end (403) of the second polarization controller is connected with an optical input end of the second mach-zehnder interferometer (404), an output end of the third arbitrary waveform generator (406) is connected with an input end of the third gain adjustable electrical amplifier (405), an output end of the third arbitrary waveform generator (406) is further transmitted to the local signal receiving end (3) through a wireless channel, an output end of the third gain adjustable electrical amplifier (405) is connected with an optical input end of the second mach-zehnder interferometer (404), an output end of the third arbitrary waveform generator (406) is connected with an optical input end of the second mach-zehnder interferometer (408) of the second optical cavity (408), the output end of the second photoelectric detector (407) is connected with the input end of the digital oscilloscope (501).
7. The physical layer security key distribution device in multi-core optical fiber communication according to claim 6, wherein the output of the third arbitrary waveform generator (406) is random, the phase output of the second mach-zehnder interferometer (404) varies with the variation of the input signal voltage of the third arbitrary waveform generator (406), and the state of the third long-cavity fabry-perot laser (408) varies with the variation of the phase output of the second mach-zehnder interferometer (404).
8. A physical layer security key distribution method in multi-core optical fiber communication, the method being based on the physical layer security key distribution apparatus in multi-core optical fiber communication according to any one of claims 1 to 7, comprising the steps of:
The public source generation module generates a multi-wavelength driving signal, divides the multi-wavelength driving signal into two parts to obtain a first signal and a second signal, and transmits the first signal and the second signal to the local signal receiving module and the multi-core optical fiber link transmission module through a first signal output end and a second signal output end respectively, wherein the multi-core optical fiber link transmission module transmits the second signal to the remote signal receiving module;
The local signal receiving module and the remote signal receiving module respectively select signals with the same wavelength from the first signal and the second signal, and generate a first sequence and a first key code, a second sequence and a second key code according to the selected signals, wherein the first key code and the second key code are respectively transmitted to the remote signal receiving module and the local signal receiving module through wireless channels;
And the post-processing module samples and quantifies the first sequence and the second sequence to obtain two groups of random numbers, then truncates inconsistent parts in the two groups of random numbers according to the exchanged key codes, and reserves consistent keys to obtain consistent random numbers for encryption.
9. The method for distributing physical layer security keys in multi-core optical fiber communication according to claim 8, wherein the same wavelength is used inAnd (3) inner part.
10. A computer readable storage medium having stored thereon a computer program, wherein the computer program when executed by a processor implements a physical layer security key distribution method in multicore optical fiber communication according to any of claims 8 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202510004880.8A CN119696781B (en) | 2025-01-02 | 2025-01-02 | Physical layer security key distribution device and method in multi-core optical fiber communication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202510004880.8A CN119696781B (en) | 2025-01-02 | 2025-01-02 | Physical layer security key distribution device and method in multi-core optical fiber communication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN119696781A true CN119696781A (en) | 2025-03-25 |
| CN119696781B CN119696781B (en) | 2025-12-12 |
Family
ID=95031314
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202510004880.8A Active CN119696781B (en) | 2025-01-02 | 2025-01-02 | Physical layer security key distribution device and method in multi-core optical fiber communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN119696781B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3767841A1 (en) * | 2019-07-17 | 2021-01-20 | Institut Mines Telecom | Methods and devices for multi-core fiber data transmission using data precoding |
| CN114928411A (en) * | 2021-11-15 | 2022-08-19 | 广东工业大学 | Physical layer secret communication system based on chromatic dispersion-phase feedback loop encryption |
| CN119070969A (en) * | 2024-08-02 | 2024-12-03 | 广东工业大学 | A hardware secure communication device and method based on dual-loop active electro-optical feedback encryption module |
-
2025
- 2025-01-02 CN CN202510004880.8A patent/CN119696781B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3767841A1 (en) * | 2019-07-17 | 2021-01-20 | Institut Mines Telecom | Methods and devices for multi-core fiber data transmission using data precoding |
| CN114928411A (en) * | 2021-11-15 | 2022-08-19 | 广东工业大学 | Physical layer secret communication system based on chromatic dispersion-phase feedback loop encryption |
| CN119070969A (en) * | 2024-08-02 | 2024-12-03 | 广东工业大学 | A hardware secure communication device and method based on dual-loop active electro-optical feedback encryption module |
Non-Patent Citations (1)
| Title |
|---|
| 高华;王安帮;王云才;: "经典物理层高速密钥分发研究进展", 应用科学学报, no. 04, 30 July 2020 (2020-07-30), pages 7 - 19 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN119696781B (en) | 2025-12-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhao et al. | Physical layer encryption for WDM optical communication systems using private chaotic phase scrambling | |
| Argyris et al. | Chaos-on-a-chip secures data transmission in optical fiber links | |
| Hugues-Salas et al. | 11.2 tb/s classical channel coexistence with dv-qkd over a 7-core multicore fiber | |
| CN112260816B (en) | A high-speed physical key distribution system with enhanced security | |
| Zhang et al. | 2.7 Gb/s secure key generation and distribution using bidirectional polarization scrambler in fiber | |
| CN112422226B (en) | Key generation method and device based on polarization mode dispersion of optical fiber communication link | |
| Mlejnek et al. | Reducing spontaneous Raman scattering noise in high quantum bit rate QKD systems over optical fiber | |
| Jiang et al. | Modeling and simulation of chaos-based security-enhanced WDM-PON | |
| Liang et al. | Quantum noise protected data encryption in a WDM network | |
| Hugues-Salas et al. | Co-existence of 9.6 Tb/s classical channels and a quantum key distribution (QKD) channel over a 7-core multicore optical fibre | |
| Wang et al. | A novel optical frequency-hopping scheme for secure WDM optical communications | |
| CN111416701B (en) | High-safety orthogonal mode division multiplexing access method and system based on vector disturbance | |
| Huang et al. | Coexistence of high-speed physical-layer key distribution and secure data transmission in fiber | |
| Lei et al. | Long-haul and high-speed key distribution based on one-way non-dual arbitrary basis transformation in optical fiber link | |
| Abbade et al. | All-optical cryptography through spectral amplitude and delay encoding | |
| CN119696781B (en) | Physical layer security key distribution device and method in multi-core optical fiber communication | |
| CN118984219A (en) | A hardware-secured two-way communication system and method based on multi-longitudinal mode lasers | |
| Sanz et al. | Adapting communication networks to the quantum safe era: lessons learned in the coexistence of polarization-entangled QKD and classical channels | |
| Huang et al. | An optical frequency-hopping scheme based on phase modulator-embedded optical loop mirror | |
| Zhao et al. | Highly Security 7-Core 16 WDM OCDM Transmission System Based on Time-Domain Spectral Dynamic Disturbance | |
| Bahrani et al. | Resource optimization in quantum access networks | |
| CN118249974A (en) | A secure optical communication system based on the combination of chaos hiding and chaos encryption | |
| CN116938458B (en) | High-speed physical key parallel distribution system and method based on dispersion random keying | |
| Tang et al. | High-speed chaotic secure optical communication over 1000 km based on phase scrambling | |
| Zhao et al. | Physical-Layer Secure Optical Communication Based on Private Chaotic Phase Scrambling |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |